Rubicon - An Extensible Gateway IDS

Presented at DEF CON 10 (2002), Aug. 2, 2002, 2 p.m. (50 minutes)

IDSs have traditionally been seen as purely information resources, requiring human intervention in order to act on alerts. Recently, support for modifying firewall rules and killing active connections has begun to appear in IDSs, but these features suffer from shortcomings. Many people have recently expressed a desire for an active 'Gateway' IDS (GIDS), which allows a gateway computer to filter and route traffic using both traditional firewall-style rules and NIDS-style analysis. Rubicon was developed to supply this functionality, and more, in an extensible manner. This talk will discuss some shortcomings of current NIDS products and hence the need for GIDS, the design and development of Rubicon, and the future of GIDS in general and Rubicon in particular.
